According to «Kaspersky laboratories», The first Flashfake options were discovered back in September 2011. In March 2012, the bot infected more than 600 thousand computers around the world. To date, it is known that one of the modules is engaged in the substitution of search traffic, showing the user false results when using search engines. Thus, attackers earn money on «clicks». However, depending on the goals of criminals, in addition to interception of search traffic, they can load on infected computers and other malicious modules designed to send spam, theft of personal information, including logins and passwords from online banking systems.
The main way of infection in March 2012 was the operation of vulnerabilities in Java. The authors of Flashfake use various sites on the network, when contacting which there is an automatic download and launch of a malicious file on the user’s computer. It is worth noting that the largest number of infections was recorded in the USA (300917), Canada (94625) and Great Britain (47109), where Apple’s products are traditionally widespread. At the same time, Russia and the CIS countries were practically not affected during the global Flashfake epidemic and were noted in the analyst report only a few dozen bots.